-
1 year, 3 months agothelawsofchaos wrote a new post
Alert when ESCU updates detectionsThis query can set up an alert for when ESCU updates a detection, compared to the version you are using from clone. This requires ESCU v4.31.0 with the new […]
-
3 years, 2 months ago
thelawsofchaos wrote a new post
This dashboard will use REST API endpoints to grab a list of all indexes and then map out by sourcetype how many events when the first one was (based upon _time) and the last. Then does basic date math to show how […]
-
3 years, 5 months ago
thelawsofchaos changed their profile picture
-
3 years, 5 months ago
thelawsofchaos became a registered member
-
3 years, 5 months ago
thelawsofchaos became a registered member
